• We create and review Software License Agreements and SaaS
• We advise clients on software licensing audit
• We act in cases of violations of law on the internet and social media
Data Protection and Privacy – LGPD and GDPR
• We carry out processes of adequacy and compliance with the LGPD and the European Community legislation – GDPR, Analysis of the Impact on the Protection of Personal Data, Report on the Analysis of the Impact on Data Protection, Report on the Impact on Data Protection
• We prepare opinions and answer queries on Data Protection
• We support security incidents, such as the leakage of personal data
DPO as a Service / DPO Support
• We act as “DPO as a Service”, by outsourcing the role of Data Supervisor, conducting all activities before the company, data owners and ANPD
• We advise and train the company’s internal data manager in his activities
• We act administratively before the ANPD and other regulatory agencies
Is your company prepared for the LGPD?
On August 14, 2018, Law 13,709 / 18 was passed, better known as the General Data Protection Law (LGPD), which has as its main objective the regulation of the treatment of personal and sensitive data of users in Brazil. And on December 28, 2018, Provisional Measure 869/18 was issued, which eventually created the National Data Protection Authority and, consequently, postponed the date of entry into force of the LGPD to August 1, 2020.
However, due to the Covid-19 pandemic, the term of the LGPD came into discussion between the Chamber and the Senate through Provisional Measure No. 959/2020 and the 34/2020 Conversion Bill. The matter was voted unanimously in the Federal Senate on August 26, 2020, against the postponement and its immediate effectiveness.
What types of data are subject to the LGPD?
Any type of data that identifies or makes a person identifiable, including registration, genetic, biometric, physiological, mental, location, economic, cultural, social data, among others. It is important to comment that the LGPD also includes data collected before the sanction of the law.
What is Data Processing?
According to the definition brought by the LGPD itself, data processing is any operation performed with personal data, such as: collection, production, reception, classification, use, access, reproduction, transmission, distribution, processing, filing, storage, disposal, evaluation or control of information, modification, communication, transfer, dissemination or extraction.
Therefore, it is easy to see that virtually all companies will be subject to the obligations contained in the law, which is essential for companies to be in compliance with the rules contained therein.
How can we help your company in this process?
To understand how to adapt to the standard, our work is divided into 3 distinct phases, which can be contracted together or separately:
Assessment: in this phase, a general and detailed assessment of the Law’s impact on the company is made, with a diagnosis of what needs to be adapted to meet the necessary requirements and survey of the alert points
Governance: this is the stage in the preparation of the Action Plan, adaptation of processes, definition of policies and formalization of Governance.
Monitoring: phase that includes support for the DPO, training, compliance auditing, tests and evaluations.
What are the losses for companies that do not adapt?
In addition to liability for losses and damages, companies that do not adapt may suffer very severe administrative sanctions and are even capable of making business unfeasible.
In addition to severe fines, the elimination of certain data or even the publication of the infraction may compromise an entire business or even the company’s reputation.
What are the benefits of adapting as soon as possible?
By adapting now, companies will be able to test all procedures with the peace of mind that no administrative sanctions will be applied.
In addition, when the law comes into force, companies will have their databases fully regularized and will still have adopted all the procedures necessary to comply with the standard, without risk of infringement.
DOWNLOAD GUIDE: Lei Geral de Proteção de Dados